Claims

1. A method of inter-area rekeying of encryption keys in secure mobile 
multicast communications, in which a Domain Group Controller Key 
Server (Domain GCKS) distributes Traffic Encryption Keys (TEK) to a 
plurality of local Group Controller Key Servers (local GCKS) serving 
respective group key management areas, and said local Group Controller 
Key Servers forward said Traffic Encryption Keys, encrypted using Key 
Encryption Keys (KEKi, KEKj) that are specific to the respective local
Group Controller Key Server (local GCKSi, GCKSj), to group members 
situated in the respective group key management areas, said local Group 
Controller Key Servers (GCKSi, GCKSj) constituting Extra Key Owner 
Lists (EKOLi, EKOLj) for said group key management areas (areai, areaj)
that distinguish group members (MMi, MMj) possessing Key Encryption
Keys (KEKi, KEKj) and situated in the corresponding group key
management area (areai, areaj) from group members (MMij) possessing
Key Encryption Keys (KEK) that were situated in the corresponding group 
key management area (area) but are visiting another area (area), 

characterised in that said local Group Controller Key Servers forward said 
Traffic Encryption Keys (TEK) to group members (MMij) visiting the
respective group key management areas (area) encrypted using a Visitor 
Encryption Key (VEKj) that is specific to the respective local Group 
Controller Key Server (GCKSj) and is different from said Key Encryption 
Key (KEKj). 

2. A method as claimed in claim 1, and comprising rekeying said Traffic 
Encryption Keys (TEK) after rekeying said Key Encryption Key (KEKi,
KEKj).

3. A method as claimed in claim 1 or 2, wherein said local Group Controller
Key Servers (GCKSi, GCKSj) rekey a Key Encryption Key (KEKi, KEKj) by
a process including sending a new Key Encryption Key (KEKi, KEKj) to
current group members encrypted using the current Key Encryption Key
(KEKi, KEKj) and to visiting group members using the Visitor Encryption
Key (VEKi, VEKj).

4. A method as claimed in claim 1 or 2, wherein said local Group Controller
Key Server GCKSi sends the Visitor Encryption Key (VEKi) rather than the
Key Encryption Key (KEK) to new members joining the group via areai.

5. A method as claimed in claim 3, wherein said local Group Controller Key
Servers (GCKSi, GCKSj) rekey a Key Encryption Key (KEKi, KEKj) by a
process including sending said new Key Encryption Key (KEKi, KEKj)
selectively to existing group members situated in the corresponding group
key management area (areai, areaj).

6. A method as claimed in claim 3 or 5, wherein said local Group Controller
Key Servers (GCKSi, GCKSj) rekey a Key Encryption Key (KEKi, KEKj) by
a process including sending said new Key Encryption Key (KEKi, KEKj) to
existing group members using multicast messages and to visiting group
members over a different secure channel.

7. A method as claimed in any of claims 3 to 6, wherein rekeying a Key
Encryption Key (KEKi, KEKj) comprises said local Group Controller Key
Servers (GCKSi, GCKSj) sending a new Key Encryption Key (KEKi, KEKj)
selectively to current group members currently situated in the
corresponding group key management areas (areai, areaj).

8. A method as claimed in any preceding claim and including said local
Group Controller Key Servers (GCKSi, GCKSj) constituting Visitor Key
Owner Lists (VKOLi, VKOLj) for said group key management areas (areai,
areaj) that distinguish group members (MMi, MMj) possessing Visitor
Encryption Keys (VEKi, VEKj) and situated in the corresponding group key
management area (areai, areaj) from group members (MMij) possessing
Visitor Encryption Keys (VEKj) that were situated in the corresponding
group key management area (areai) but are visiting another area (areaj).

9. A method as claimed in claim 8 wherein said Extra Key Owner Lists
(EKOLi, EKOLj) and said Visitor Key Owner Lists (VKOLi, VKOLj)
comprise lists of the group members (MMij) possessing Key Encryption
Keys (KEKj), respectively Visitor Encryption Keys (VEKi, VEKj), that were
situated in the corresponding group key management area (areai) but are
visiting another area (areaj).

10. A method as claimed in any preceding claim, wherein a group member
(MMij) that was visiting another group key management area (areaj)
returns to an area (areaj) for which it possesses a corresponding Key
Encryption Key (KEKi) or Visitor Encryption Key (VEKj) before expiry of a
validity period set by the corresponding Group Controller Key Server
(GCKSi) without said corresponding Group Controller Key Server (GCKSi)
rekeying said Key Encryption Key (KEKi).

AMENDED CLAIMS

[received by the International Bureau on 07 November 2005 (07.11.2005): original claim 1- has been replaced
by amended claim 1].



1. A method of inter-area rekeying of encryption keys in secure mobile multicast
communications, in which a Domain Group Controller Key Server (Domain
GCKS) distributes Traffic Encryption Keys (TEK) to a plurality of local
Group Controller Key Servers (local GCKS) serving respective group key
management areas, and said local Group Controller Key Servers forward said
Traffic Encryption Keys, encrypted using Key Encryption Keys (KEKi, KEKj)
that are specific to the respective local Group Controller Key Server (local
GCKSi, GCKSj), to group members situated in the respective group key
management areas, said local Group Controller Key Servers (GCKSi, GCKSj)
constituting Extra Key Owner Lists (EKOLi, EKOLj) for said group key
management areas (areai, areaj) that distinguish group members (MMi, MMj)
possessing Key Encryption Keys (KEKi, KEKj) and situated in the
corresponding group key management area (areai, areaj) from group members
(MMij) possessing Key Encryption Keys (KEKj) that were situated in the
corresponding group key management area (areaj) but are visiting another area
(areaj),

characterised in that said local Group Controller Key Servers a) forward said
Traffic Encryption Keys (TEK) to group members (MMij) visiting the
respective group key management areas (areaj) encrypted using a Visitor
Encryption Key (VEKj) that is specific to the respective local Group
Controller Key Server (GCKSj) and is different from said Key Encryption Key
(KEKj) and b) send a new Visitor Encryption Key (VEKj) to a visiting group
member (MMij) arriving in the corresponding group key management area
(areaj) if there is no other visiting group member (MMij) situated in the
corresponding group key management area (areaj) and if a current Visitor
Encryption Key (VEKj) exists that has already been used to encrypt a previous
Traffic Encryption Key (TEK).

2. A method as claimed in claim 1, and comprising rekeying said Traffic 
Encryption Keys (TEK) after rekeying said Key Encryption Key (KEKi,
KEKj).
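
The visitor-key handling of amended claim 1, parts a) and b), modelled as an added Python sketch that is not part of the patent text. The class layout, method names and member labels are assumptions, as are two behaviours the claims leave open: the first visitor triggers creation of the first VEKj, and an arrival that finds other visitors present receives the current VEKj.

```python
import secrets

class LocalGCKS:
    """Toy model of one local GCKS (area j); layout and names are assumptions."""

    def __init__(self):
        self.kek = secrets.token_bytes(16)  # KEKj, held by resident members
        self.vek = None                     # VEKj, held by visitors only
        self.vek_used = False               # has the current VEKj wrapped a TEK?
        self.residents, self.visitors = set(), set()

    def visitor_arrives(self, member):
        """Return the VEK handed to an arriving visitor (amended claim 1, part b)."""
        alone = not self.visitors
        # Assumption: the first visitor ever triggers creation of the first VEK.
        if self.vek is None or (alone and self.vek_used):
            self.vek = secrets.token_bytes(16)
            self.vek_used = False
        self.visitors.add(member)
        return self.vek

    def visitor_leaves(self, member):
        self.visitors.discard(member)

    def forward_tek(self):
        """Map each member to the (label, key) that wraps its copy of the TEK."""
        plan = {m: ("KEK", self.kek) for m in self.residents}
        plan.update({m: ("VEK", self.vek) for m in self.visitors})
        if self.visitors:
            self.vek_used = True
        return plan

def scenario():
    """Constructed walk-through: a visitor leaves, then another arrives alone."""
    g = LocalGCKS()
    g.residents.add("MMj")
    vek_a = g.visitor_arrives("MMij_a")
    plan = g.forward_tek()               # TEK wrapped under KEKj and VEKj
    g.visitor_leaves("MMij_a")
    vek_b = g.visitor_arrives("MMij_b")  # alone, VEK already used: fresh VEK
    vek_c = g.visitor_arrives("MMij_c")  # another visitor present: same VEK
    return plan, vek_a, vek_b, vek_c, g.kek
```

In this model a visitor that arrives alone never holds the VEKj that wrapped a Traffic Encryption Key forwarded before its arrival, and resident members' KEKj is untouched by visitor churn.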